Keeping secrets in incomplete databases

Authors:
Joachim Biskup;Torben Weibert
Affiliations:
Universität Dortmund, Fachbereich Informatik, 44221, Dortmund, Germany;Universität Dortmund, Fachbereich Informatik, 44221, Dortmund, Germany
Venue:
International Journal of Information Security
Year:
2008

Citing 0
Cited 12

Preprocessing for controlled query evaluation with availability policy

Journal of Computer Security - 20th Annual IFIP WG 11.3 Working Conference on Data and Applications Security (DBSec'06)
Data Privacy for $\mathcal{ALC}$ Knowledge Bases

LFCS '09 Proceedings of the 2009 International Symposium on Logical Foundations of Computer Science
Controlled Query Evaluation and Inference-Free View Updates

Proceedings of the 23rd Annual IFIP WG 11.3 Working Conference on Data and Applications Security XXIII
Requirements and protocols for inference-proof interactions in information systems

ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Keeping secrets in possibilistic knowledge bases with necessity-valued privacy policies

IPMU'10 Proceedings of the Computational intelligence for knowledge-based systems design, and 13th international conference on Information processing and management of uncertainty
Design by example for SQL table definitions with functional dependencies

The VLDB Journal — The International Journal on Very Large Data Bases
Usability confinement of server reactions: maintaining inference-proof client views by controlled interaction execution

DNIS'10 Proceedings of the 6th international conference on Databases in Networked Information Systems
Towards controlled query evaluation for incomplete first-order databases

FoIKS'10 Proceedings of the 6th international conference on Foundations of Information and Knowledge Systems
Inference-usability confinement by maintaining inference-proof views of an information system

International Journal of Computational Science and Engineering
The implication problem of data dependencies over SQL table definitions: Axiomatic, algorithmic and logical characterizations

ACM Transactions on Database Systems (TODS)
Revising belief without revealing secrets

FoIKS'12 Proceedings of the 7th international conference on Foundations of Information and Knowledge Systems
Dynamic policy adaptation for inference control of queries to a propositional information system

Journal of Computer Security - DBSec 2011

Quantified Score

Hi-index	0.00

Visualization

Abstract

Controlled query evaluation (CQE) preserves confidentiality in information systems at runtime. A confidentiality policy specifies the information a certain user is not allowed to know. At each query, a censor checks whether the answer would enable the user to learn any classified information. In that case, the answer is distorted, either by lying or by refusal. We introduce a framework in which CQE can be analyzed wrt. possibly incomplete logic databases. For each distortion method, lying and refusal, a class of confidentiality-preserving mechanisms is presented. Furthermore, we specify a third approach that combines lying and refusal and compensates the disadvantages of the respective uniform methods. The enforcement methods are compared to the existing methods for complete databases.